package cn.amaake.magicplugin.satoken.interfaces;

import cn.amaake.magicplugin.satoken.model.SatokenUser;
import cn.dev33.satoken.oauth2.model.SaClientModel;
import jakarta.servlet.http.HttpServletRequest;
import org.ssssssss.magicapi.core.interceptor.Authorization;
import org.ssssssss.magicapi.core.model.Group;
import org.ssssssss.magicapi.core.model.MagicEntity;
import org.ssssssss.magicapi.core.servlet.MagicHttpServletRequest;

import java.util.List;

public interface SatokenUserInterface {

    /**
     * 获取用户信息
     * @param username 账号
     * @param password 密码
     * @param request 请求ServletRequest
     * @param ifrequest ServletRequest是否为空，magicapi登录时为false
     * @return
     */
    public SatokenUser getSatokenUser(String username, String password, HttpServletRequest request,boolean ifrequest);


    /**
     * 返回一个账号所拥有的权限码集合
     */
    public List<String> getPermissionList(Object loginId, String loginType);


    /**
     * 返回一个账号所拥有的角色标识集合 (权限与角色可分开校验)
     */
    public List<String> getRoleList(Object loginId, String loginType);


    /**
     * 是否拥有页面按钮的权限
     * // Authorization.SAVE 保存
     * // Authorization.DELETE 删除
     * // Authorization.VIEW 查询
     * // Authorization.LOCK 锁定
     * // Authorization.UNLOCK 解锁
     * // Authorization.DOWNLOAD 导出
     * // Authorization.UPLOAD 上传
     * // Authorization.PUSH 推送
     */
    public boolean allowVisitPage(String id, MagicHttpServletRequest request, Authorization authorization);

    /**
     * 是否拥有对该接口的增删改权限
     * 此方法可以不重写，则走默认的 boolean allowVisit(MagicUser magicUser, HttpServletRequest request, Authorization authorization) 方法
     * // Authorization.SAVE 保存
     * // Authorization.DELETE 删除
     * // Authorization.VIEW 查询
     * // Authorization.LOCK 锁定
     * // Authorization.UNLOCK 解锁
     * // 自行写逻辑判断是否拥有如果有，则返回true，反之为false
     */
    public boolean allowVisitMagicEntity(String id, MagicHttpServletRequest request, Authorization authorization, MagicEntity entity);

    /**
     * 是否拥有对该分组的增删改权限
     * 此方法可以不重写，则走默认的 boolean allowVisit(MagicUser magicUser, HttpServletRequest request, Authorization authorization) 方法
     * // Authorization.SAVE 保存
     * // Authorization.DELETE 删除
     * // Authorization.VIEW 查询
     * // 自行写逻辑判断是否拥有如果有，则返回true，反之为false
     */
    public boolean allowVisitGroup(String id, MagicHttpServletRequest request, Authorization authorization, Group group);


    /**
     * 根据clientid获取 Client 信息
     * @param clientId
     * @return
     */
    public SaClientModel getClientModel(String clientId);

    /**
     * 根据ClientId 和 LoginId 获取openid
     * @param clientId
     * @param loginId
     * @return
     */
    public String getOpenid(String clientId, Object loginId);

}
